diff --git a/Makefile b/Makefile
index 480ba557..c294a4d7 100644
--- a/Makefile
+++ b/Makefile
@@ -42,6 +42,9 @@ REGISTRY_NAME ?= $(shell echo $(REGISTRY) | sed "s/.azurecr.io//g")
 IMAGE_TAG = $(REGISTRY)/$(IMAGENAME):$(IMAGE_VERSION)
 IMAGE_TAG_LATEST = $(REGISTRY)/$(IMAGENAME):latest
 
+E2E_HELM_OPTIONS ?= --set image.nfs.repository=$(REGISTRY)/$(IMAGENAME) --set image.nfs.tag=$(IMAGE_VERSION) --set image.nfs.pullPolicy=Always
+E2E_HELM_OPTIONS += ${EXTRA_HELM_OPTIONS}
+
 all: nfs
 
 .PHONY: verify
@@ -112,11 +115,9 @@ install-helm:
 e2e-bootstrap: install-helm
 	docker pull $(IMAGE_TAG) || make container push
 	helm install csi-driver-nfs ./charts/latest/csi-driver-nfs --namespace kube-system --wait --timeout=15m -v=5 --debug \
-	--set image.nfs.repository=$(REGISTRY)/$(IMAGENAME) \
-	--set image.nfs.tag=$(IMAGE_VERSION) \
-	--set image.nfs.pullPolicy=Always
-	--set controller.logLevel=8
-	--set node.logLevel=8
+		${E2E_HELM_OPTIONS} \
+		--set controller.logLevel=8 \
+		--set node.logLevel=8
 
 .PHONY: e2e-teardown
 e2e-teardown:
diff --git a/charts/README.md b/charts/README.md
index 982747c2..4d3ce5d1 100644
--- a/charts/README.md
+++ b/charts/README.md
@@ -3,6 +3,11 @@
 ## Prerequisites
  - [install Helm](https://helm.sh/docs/intro/quickstart/#install-helm)
 
+### Tips
+ - `--set controller.runOnMaster=true` could make csi-nfs-controller only run on master node
+ - `--set feature.enableFSGroupPolicy=true` could enable `fsGroupPolicy` on a k8s 1.20+ cluster
+ - `--set controller.replicas=1` could set replica of csi-nfs-controller as `1`
+
 ## install latest version
 ```console
 helm repo add csi-driver-nfs https://raw.githubusercontent.com/kubernetes-csi/csi-driver-nfs/master/charts
@@ -31,6 +36,7 @@ The following table lists the configurable parameters of the latest NFS CSI Driv
 
 | Parameter                                         | Description                                                | Default                                                           |
 |---------------------------------------------------|------------------------------------------------------------|-------------------------------------------------------------------|
+| `feature.enableFSGroupPolicy`                     | enable `fsGroupPolicy` on a k8s 1.20+ cluster           | `false`                      |
 | `image.nfs.repository`                            | csi-driver-nfs docker image                                | gcr.io/k8s-staging-sig-storage/nfsplugin                          |
 | `image.nfs.tag`                                   | csi-driver-nfs docker image tag                            | amd64-linux-canary                                                |
 | `image.nfs.pullPolicy`                            | csi-driver-nfs image pull policy                           | IfNotPresent                                                      |
diff --git a/charts/latest/csi-driver-nfs-v3.0.0.tgz b/charts/latest/csi-driver-nfs-v3.0.0.tgz
index 86ff63a3..46cc8ca3 100644
Binary files a/charts/latest/csi-driver-nfs-v3.0.0.tgz and b/charts/latest/csi-driver-nfs-v3.0.0.tgz differ
diff --git a/charts/latest/csi-driver-nfs/templates/csi-nfs-driverinfo.yaml b/charts/latest/csi-driver-nfs/templates/csi-nfs-driverinfo.yaml
index 6c7c462f..a1bfac8d 100755
--- a/charts/latest/csi-driver-nfs/templates/csi-nfs-driverinfo.yaml
+++ b/charts/latest/csi-driver-nfs/templates/csi-nfs-driverinfo.yaml
@@ -6,3 +6,6 @@ spec:
   attachRequired: false
   volumeLifecycleModes:
     - Persistent
+  {{- if .Values.feature.enableFSGroupPolicy}}
+  fsGroupPolicy: File
+  {{- end}}
diff --git a/charts/latest/csi-driver-nfs/values.yaml b/charts/latest/csi-driver-nfs/values.yaml
index 74d1bcf1..5cf553fa 100755
--- a/charts/latest/csi-driver-nfs/values.yaml
+++ b/charts/latest/csi-driver-nfs/values.yaml
@@ -29,6 +29,9 @@ node:
   livenessProbe:
     healthPort: 29653
 
+feature:
+  enableFSGroupPolicy: false
+
 ## Reference to one or more secrets to be used when pulling images
 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
 ##
diff --git a/test/external-e2e/run.sh b/test/external-e2e/run.sh
index fffe607f..1d89d8ab 100644
--- a/test/external-e2e/run.sh
+++ b/test/external-e2e/run.sh
@@ -28,7 +28,10 @@ setup_e2e_binaries() {
     curl -sL https://storage.googleapis.com/kubernetes-release/release/v1.21.0/kubernetes-test-linux-amd64.tar.gz --output e2e-tests.tar.gz
     tar -xvf e2e-tests.tar.gz && rm e2e-tests.tar.gz
 
-    # install the csi driver nfs
+    # enable fsGroupPolicy (only available from k8s 1.20)
+    export EXTRA_HELM_OPTIONS="--set feature.enableFSGroupPolicy=true"
+
+    # install csi driver
     mkdir -p /tmp/csi && cp deploy/example/storageclass-nfs.yaml /tmp/csi/storageclass.yaml
     make e2e-bootstrap
     make install-nfs-server
diff --git a/test/external-e2e/testdriver.yaml b/test/external-e2e/testdriver.yaml
index 1cf77cfd..c9386554 100644
--- a/test/external-e2e/testdriver.yaml
+++ b/test/external-e2e/testdriver.yaml
@@ -10,3 +10,4 @@ DriverInfo:
     exec: true
     multipods: true
     RWX: true
+    fsGroup: true